<?php


class Application_Model_AclBuilder
{
   /*public function __construct()
   {
      $this->add(new Zend_Acl_Resource('default')); //module

      $this->add(new Zend_Acl_Resource('default_index'),'default'); //controller
      $this->add(new Zend_Acl_Resource('default_index_index'),'default_index'); //page
      $this->add(new Zend_Acl_Resource('default_error'),'default');
      $this->add(new Zend_Acl_Resource('default_error_error'),'default_error');

      $this->add(new Zend_Acl_Resource('default_auth'),'default');
      $this->add(new Zend_Acl_Resource('default_auth_login'),'default_auth');
      $this->add(new Zend_Acl_Resource('default_auth_logout'),'default_auth');
      $this->add(new Zend_Acl_Resource('default_auth_logged'),'default_auth');



      $this->add(new Zend_Acl_Resource('test')); //module

      $this->add(new Zend_Acl_Resource('test_index'),'test'); //controller
      $this->add(new Zend_Acl_Resource('test_index_index'),'test_index'); //page

      $this->add(new Zend_Acl_Resource('test_lefttest'),'test'); //controller
      $this->add(new Zend_Acl_Resource('test_lefttest_lefttest1'),'test_lefttest'); //page
      $this->add(new Zend_Acl_Resource('test_lefttest_lefttest2'),'test_lefttest'); //page
      $this->add(new Zend_Acl_Resource('test_lefttest_righttest1'),'test_lefttest'); //page
      $this->add(new Zend_Acl_Resource('test_lefttest_righttest2'),'test_lefttest'); //page



      $this->addRole(new Zend_Acl_Role('normal'));
      $this->addRole(new Zend_Acl_Role('admin'),'normal');


      $this->allow('normal','default');
      $this->deny('normal','test');

      $this->allow('admin','test');
   }*/

   public function __construct()
   {
      $this->acl=new Zend_Acl();
   }

   public function createACL()
   {
      $this -> createResources();
      $this -> createRoles();
      $this -> createPrivileges();

      return $this -> acl;
   }

   private function createRoles()
   {
      //$db_roles=new Application_Model_DbTable_AclRoles();
      //$select = $db_roles -> select()->order('level');
      //$roles = $db_roles -> fetchall($select);
      $db=new Application_Model_AclRolesMapper();
      $roles = $db->  getRoles();

      foreach ($roles as $role)
      {
         $role_name="";
         $parent="";

         $role_name=$role['role_name'];
         $parent=$role['inherit_from'];

         if($parent==null)
         {
            $this->acl->addRole(new Zend_Acl_Role($role_name));
         }
         else
         {
            $this->acl->addRole(new Zend_Acl_Role($role_name),$parent);
         }
      }
   }

   private function createResources()
   {
        //$db_resources=new Application_Model_DbTable_AclResources();
        //$select = $db_resources -> select();
        //$resources = $db_resources -> fetchall($select);
        $db=new Application_Model_AclResourcesMapper();
        $resources=$db->  getResources();

        foreach($resources as $resource)
        {
           $resource_name="";
           $parent="";

           $resource_name=$resource['resource_name'];
           $parent=$resource['inherit_from'];

           if($parent==null)
           {
              $this -> acl -> add(new Zend_Acl_Resource($resource_name));
           }
           else
           {
              $this -> acl -> add(new Zend_Acl_Resource($resource_name),$parent);
           }
        }
   }

   private function createPrivileges()
   {
      //$db_privileges=new Application_Model_DbTable_AclPrivileges();
      //$select = $db_privileges -> select();
      //$privileges = $db_privileges -> fetchall($select);
      $db=new Application_Model_AclPrivilegesMapper();
      $privileges=$db->  getPrivileges();

      foreach($privileges as $privilege)
      {
         $resource_name="";
         $role="";
         $privilege_name="";
         $type="";

         $resource_name=$privilege['resource_name'];
         $role=$privilege['role'];
         $privilege_name=$privilege['privilege'];
         $type=$privilege['type'];

         if($type=="allow")
         {
            $this -> acl -> allow($role,$resource_name,$privilege_name);
         }
         elseif($type=="deny")
         {
            $this -> acl -> deny($role,$resource_name,$privilege_name);
         }
      }
   }

   private $acl;
}

?>
